eDirectory Web Page Generation Vulnerability
CVE-2021-22503

6.1MEDIUM

Key Information:

Vendor: Opentext
Status: Edirectory
Vendor: CVE Published:; 12 September 2024

Summary

A vulnerability has been identified in OpenText™ eDirectory, specifically relating to improper neutralization of input during web page generation. This issue, present in version 9.2.3.0000, could allow an attacker to exploit the application through inadequately sanitized data inputs, potentially leading to unexpected behaviors in the web application, including security breaches and data manipulation risks.

Affected Version(s)

eDirectory Windows 9.2.3.0000

References

https://www.netiq.com/documentation/edirectory-92/edirect...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Sep 12, 2024
Vulnerability Reserved
Jan 5, 2021